Network configuration

This page describes how to configure critical network ports on an Aerospike Database.

Aerospike Database’s Network configuration stanza sets up critical network ports to be used by other nodes, application, and tools. The following table describes the ports used by Aerospike Database and XDR:

Name	Default Port	Description
Service	3000	Application, Tools, and Remote XDR use the Service port for database operations and cluster state.
Fabric	3001	Intra-cluster communication port. Replica writes, migrations, and other node-to-node communications use the Fabric port.
Mesh Heartbeat	3002	Heartbeat protocol ports are used to form and maintain the cluster. Only one heartbeat port may be configured. Mesh heartbeat and fabric should run on the same NIC.
Multicast Heartbeat	9918	Heartbeat protocol ports are used to form and maintain the cluster. Only one heartbeat port may be configured.
Info	3003	Telnet port that implements a plain text protocol for administrators to issue info commands. For more information, see asinfo documentation.

Note

Ensure that all Application and XDR nodes can communicate to the service port on all Aerospike nodes. Also ensure that each node can communicate over the configured heartbeat and fabric ports.

Note

For versions prior to 3.8, port 3004 is the default port to query the health state of the Cross-Datacenter Replication (XDR) client.

Configure network sub-stanzas

The network stanza of the Aerospike configuration file requires the following sub-stanzas:

• service
• fabric
• info
• heartbeat

To isolate fabric (inter-node replication, migration) and heartbeat from service traffic or XDR traffic, add an address distinct from the service address to the heartbeat and fabric sub-stanzas.

Note

For information on how to configure the heartbeat stanza, see heartbeat sub-stanza which defines the interface for intra-cluster communications.

The service sub-stanza

The following table describes each configuration item in the service sub-stanza.

Configuration item	Description
address	Interfaces or IP addresses to bind and listen to. Multiple IP addresses are allowed.
access-address	Interfaces or IP addresses to publish for clients, typically clients within the same subnet or datacenter.
alternate-access-address	Interfaces or IP addresses to publish for clients that can’t connect to access-address interfaces or IP addresses. If the items specified here are actual interfaces and not mapped over NAT, then the corresponding address configuration must be specified unless address any is set. Clients requiring the alternate-access-address to be returned must request it by specifying useServicesAlternate in their client policy.
access-port	When configured, this port is published to the clients. Requires port forwarding to be set up when the value is different than the port.
alternate-access-port	When configured and the client specifies useServicesAlternate in the client policy, this port is published to the clients. Requires port forwarding to be set up when the value is different than the port.

Example 1: Service sub-stanza configuration

Host with 2 network interfaces, x.x.x.x and y.y.y.y, with x.x.x.x for clients within the same subnet/DC (private IP) and y.y.y.y for clients in a different subnet/DC (public IP). The IP address y.y.y.y is not mapped over NAT:

service {
    address x.x.x.x
    address y.y.y.y
    access-address x.x.x.x
    alternate-access-address y.y.y.y
}

The access-address x.x.x.x prevents the y.y.y.y IP to also be broadcast. If access-address is not specified, all IPs specified as address are published or broadcast.

Example 2: Service sub-stanza configuration

If the y.y.y.y IP is mapped over NAT:

service {
    address x.x.x.x
    access-address x.x.x.x
    alternate-access-address y.y.y.y
}

Or, as address is published by default when not overwritten through access-address:

service {
    address x.x.x.x
    alternate-access-address y.y.y.y
}

Example 3: Service sub-stanza configuration

This alternate configuration works in most cases: leaving address any empty binds to all available interfaces, then publishes the specific access-address and alternate-access-address.

service {
    address any
    access-address x.x.x.x
    alternate-access-address y.y.y.y
}

Fabric sub-stanza configuration examples

To isolate intra-cluster communication traffic from regular client traffic, specify an address different from the service sub-stanza for the fabric and heartbeat sub-stanzas. By default, they are set to any.

fabric {
  address any
  port 3001   # Intra-cluster communication port (migrates, replication, etc).
}

Info sub-stanza configuration example

To disable telnet access to the info port, comment out the info sub-stanza. If access control (security) is enabled, telnet access to the info port is automatically disabled.

info {
  address any
  port 3003   # Plain text telnet management port.
}

More information

• Configure the heartbeat sub-stanza.
• Configure Rack Awareness to enable Aerospike to support top-of-rack switch failure.
• Configure Aerospike Database.